Add top-level README #205
Add top-level README #205
Conversation
|
This push mentions the security policy explicitly rather than leaving it to the issue selector. |
|
One thing I'm not sure about is the links -- GitHub automatically transforms certain links in certain ways. I tried my best, but I can't be 100% sure they're all correct before the README is live. We may have to change some URLs to be absolute, and remember to change them from "PRIVATE-thar" when we open the repo. |
|
|
||
| ### Security | ||
|
|
||
| We use [dm-verity](https://gitlab.com/cryptsetup/cryptsetup/wikis/DMVerity) to load a verified read-only root filesystem, preventing some classes of persistent security threats. |
There was a problem hiding this comment.
Not happy with the "preventing" clause here - we may just want to omit it for now.
There was a problem hiding this comment.
It felt extremely sparse with no explanation of dm-verity's benefit, so I tried to come up with something. Can you suggest an improvement, or would you prefer I remove this paragraph entirely? (And then the Security section would be too slim, so I'd probably remove the whole thing.)
|
This push addresses some of the concerns from @bcressey's review. |
|
This push addresses some final comments from bcressey; discussed changes with him offline. |
Addresses one bullet of #189.
TIP: Click the "rich diff" button when you look at the diff; it's at the top right of the file. That'll render the Markdown.
This adds a README to the root of the repo. It pulls from some existing documents, but tweaks the content, and there's also a lot of new stuff; it generally represents the type of information I think is critical at a first glance, while linking to a lot of more detailed docs.
I tried to be neither too chummy nor too technical, but approachable, and to give someone a sense of whether they care to keep going.
It's definitely not finished, in that we have more components to write and describe here, and we need others to review it for style and approval.
(I added everyone to the reviewer list because I think this is a critical doc, and I'd like everyone to see it, but I don't think we want a super-detailed (uh... tjkirch-style) review, because this will still go through a lot before release... 🙈 🙉 🙊)